What Is Claimed Is: 



1 . A me hod for managing a database system, comprising: 
receiving a command to perform an administrative function involving an 
object defined withii the database system; 

determining if the object is a sensitive object that is associated with 
security functions in the database system; 

if the object id not a sensitive object, and if the command is received from 
a normal database adr linistrator for the database system, allowing the 
administrative functio i to proceed; and 

if the object is a sensitive object, and if the command is received from a 
normal system administrator, disallowing the administrative function. 

The method of claim 1, further comprising: 

uest to perform an operation on a data item in the database 



receiving a rec 



system; 



if the data iten t 



is a sensitive data item containing sensitive information 



and if the request is re:eived from a sensitive user who is empowered to access 



sensitive data, allowing 
rights to the data item: 
if the data item 



the operation to proceed if the sensitive user has access 
and 

is a sensitive data item and the request is received from a 



item, if the operation is 



normal user, disallowi lg the operation. 



3. The mei hod of claim 2, wherein if the data item is a sensitive data 



allowed to proceed, and if the operation involves retrieval 
of the data item, the mdfhod further comprises decrypting the data item using an 
encryption key after theldata item is retrieved. 
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1 4. The method 

2 with a table containing the dati 



of dlaim 3, wherein the encryption key is stored along 
item. 



1 5. The method of 

2 encrypted form. 



laim 4, wherein the encryption key is stored in 



1 6. The method of claim 1 , wherein the sensitive object can include 

2 one of: 

3 a sensitive table containing sensitive data in the database system; 

4 a sensitive row wittyn a table in the database system, wherein the sensitive 

5 row contains sensitive dataf; and 

6 an object that represents a sensitive user of the database system who is 

7 empowered to access sensitive data. 
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1 7. The method of claim 1 , wherein if the object is not a sensitive 

2 object, and if the commfand to perform the administrative function is received 

3 from a security officer/ the method further comprises allowing the security officer 

4 to perform the administrative function on the object. 



1 8. The niethod of claim 1 , 

2 wherein the flatabase system includes a number of sensitive data items; 

3 and 

4 wherein or^y specific sensitive users are allowed to access a given 

5 sensitive data iter 
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1 9. A computer-readable storage medium storing instructions that 

2 when executed by a computer cause the computer to perform a method for 

3 managing a database system, the method comprising: 

4 receiving a command to perform an administrative function involving an 

5 object defined within the database system; 

6 determining if me object is a sensitive object that is associated with 

7 security functions in thadatabase system; 

8 if the object is nqt a sensitive object, and if the command is received from 

9 a normal database administrator for the database system, allowing the 

10 administrative function tA proceed; and 

1 1 if the object is a sensitive object, and if the command is received from a 

12 normal system administrator, disallowing the administrative function. 



4* 1 10. The computer-readable storage medium of claim 9, wherein the 

r h \ 

01 2 method further comprises: 

p 3 receiving a request \o perform an operation on a data item in the database 

^ 4 system; 

HJ 5 if the data item is a Sensitive data item containing sensitive information 

\j\ 6 and if the request is received from a sensitive user who is empowered to access 

zt. 7 sensitive data, allowing the Operation to proceed if the sensitive user has access 

8 rights to the data item; and 

9 if the data item is a sensitive data item and the request is received from a 
1 0 normal user, disallowing the bperation. 

1 1 1 . The computer-ieadable storage medium of claim 1 0, wherein if the 

2 data item is a sensitive data itehi, if the operation is allowed to proceed, and if the 
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3 operation involves retrieval of the data item, the method further comprises 

4 decrypting the data item using an encryption key after the data item is retrieved. 

1 12. The computer-readable storage medium of claim 1 1, wherein the 

2 encryption key is stored along with a table containing the data item. 

1 13. The computer-readable storage medium of claim 1 2, wherein the 

2 encryption key is stored in encrypted form. 
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1 14. The compuler-readable storage medium of claim 9, wherein the 

2 sensitive object can includi one of: 

3 a sensitive table containing sensitive data in the database system; 

4 a sensitive row within a table in the database system, wherein the sensitive 

5 row contains sensitive data; and 

6 an object that represents a sensitive user of the database system who is 

7 empowered to access sensitive data. 

1 1 5 . The computet-readable storage medium of claim 9, wherein if the 

2 object is not a sensitive objefct, and if the command to perform the administrative 

3 function is received from a Security officer, the method further comprises allowing 

4 the security officer to perform the administrative function. 



1 1 6. The computeij-readable storage medium of claim 9, 

2 wherein the database (system includes a number of sensitive data items; 

3 and 

4 wherein only specific Sensitive users are allowed to access a given 

5 sensitive data item. 
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1 1 7. An apparatus for managing a database system, comprising: 

2 a command receiving mechanism that is configured to receive a command 

3 to perform an administrative function involving an object defined within the 

4 database system; 

5 an execution mechanism that is configured to, 

6 determine if the object is a sensitive object that is 

7 associated With security functions in the database system, 

8 allow the administrative function to proceed, if the object is 

9 not a sensitwe object, and if the command is received from a 

1 0 normal database administrator for the database system, and to 

1 1 disallow the administrative function, if the object is a 

12 sensitive object, and if the command is received from a normal 

1 3 system administrator. 

1 1 8. The apparatuslof claim 1 7, 

2 wherein the command receiving mechanism is configured to receive a 

3 request to perform an operation on a data item in the database system; 

4 wherein the executionlmechanism is configured to, 

5 allow the operation to proceed, if the data item is a 

6 sensitive data item, if the request is received from a sensitive user 

7 who is empowered to access sensitive data, and if the sensitive user 

8 has access rights to the data item, and to 

9 disallow the operation, if the data item is a sensitive data 

10 item, and if the request is received from a normal user. 
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1 19. The 

2 mechanism, wherein if the 

3 allowed to proceed, and 

4 decryption mechanism is 

5 key after the data item is retrieved 



1 
2 
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4 
5 
6 
7 

1 
2 
3 
4 



apparatus of claim 18, further comprising a decryption 

data item is a sensitive data item, if the operation is 
operation involves retrieval of the data item, the 
configured to decrypt the data item using an encryption 



if the < 



1 20. The apparatus 

2 along with a table containing 



of claim 19, wherein the encryption key is stored 
the data item. 



1 21 . The apparatus of claim 20, wherein the encryption key is stored in 

2 encrypted form. 



22. The apparati s of claim 1 7, wherein the sensitive object can include 



one of: 



a sensitive table containing sensitive data in the database system; 



a sensitive row with 
row contains sensitive data; 



n a table in the database system, wherein the sensitive 
and 

an object that represjents a sensitive user of the database system who is 
empowered to access sensitive data. 



23. The apparati i: 
object, and if the command 
from a security officer, the 
security officer to perform 



24. The apparati s of claim 1 7 



s of claim 17, wherein if the object is not a sensitive 
to perform the administrative function is received 
xecution mechanism is configured to allow the 
administrative function. 



the 
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1 wherein the diabase system includes a number of sensitive data items; 

2 and 

3 wherein oi)fy specific sensitive users are allowed to access a given 

4 sensitive data itef* 
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